The field of the present disclosure relates generally to networks and, more particularly, to systems and methods for using consolidated message processing to authorize payment transactions without acquirer involvement.
It is well known to have a multi-party transaction processing system. In these known systems, a consumer or cardholder initiates a transaction at a merchant point-of-sale using a payment card (e.g., a credit card, debit card, etc.). The merchant point-of-sale generates an authorization request that is transmitted to a merchant bank or acquirer. The authorization request is formatted as a network message specifically formatted for transmission over a transaction processing network (e.g., MasterCard®, VISA®, etc.), for example, an ISO8583 message. The acquirer receives the authorization request and transmits the authorization request to the transaction processing network (e.g., MasterCard®, VISA®, etc.), which triggers the transaction processing network to transmit the authorization request message to an issuer bank. The issuer bank or “issuer” has issued the payment card to the cardholder. When the issuer authorizes the transaction, an authorization response is transmitted back through the transaction processing network to the acquirer. The acquirer returns an authorization response to the merchant point-of-sale, which allows the transaction to be finalized.
In at least some multi-party transaction processing systems, authentication processes have been developed. Authentication is designed to authenticate or verify that the person using the payment card to initiate the transaction is, in fact, the cardholder associated with the payment card. In other words, these authentication processes are meant to reduce fraud. The importance, and ubiquity, of authentication processes has expanded as e-commerce, or the body of transactions initiated over the Internet, has ballooned in both frequency and volume of sales. The “card-not-present” (CNP) transactions that define e-commerce present greater opportunity for fraudulent transactions, as typically only a payment card number is needed to initiate a transaction. Accordingly, more rigorous authentication processes are continually being designed and implemented in an effort to safeguard cardholder information and reduce fraudulent transactions.
One authentication protocol is known as 3-D Secure® (3DS). 3DS is used by merchants and acquirers to authenticate transactions before they proceed to authorization. In at least one implementation, to authenticate a transaction, a merchant at which the transaction is initiated generates a “web call” or Internet-based message (e.g., an XML-formatted message) to “call” or activate the 3DS protocol. This 3DS web call includes data elements associated with the initiated transaction, such as a merchant identifier and transaction amount, as well as authentication data elements (e.g., cardholder information, device information, digital wallet information, location information, etc.) that facilitate authentication of the cardholder. The merchant transmits the 3DS web call to a 3DS provider, which may include a third party, an issuer, and/or a transaction processing network. If authentication is successful, the 3DS provider generates a 3DS web response (e.g., an XML-formatted message) including an Accountholder Authentication Value (AAV) that indicates the authentication was successful. The 3DS web response is transmitted to the issuer and back to the merchant. Only then does the merchant generate and transmit an authorization request to an acquirer. In other words, the merchant is generating and transmitting two separate messages in series, first to the issuer and then to the acquirer, which can add to transaction processing time. This additional message can add a great deal of time and processing requirements, especially for very large online merchants (e.g., Google®, Amazon®).
Therefore, a transaction processing system is needed in which a merchant is capable of authorizing payment transactions without acquirer involvement.